Cyber Security Engineer SoC/SIEM
malvern, midlands, united kingdom
Methods Business and Digital Technology
timeline analysis. Data Ingestion & Log Pipeline Engineering: Build, manage and optimise complex Logstash pipelines, utilising a wide range of plugins to handle diverse log formats, transform data, and enrich security telemetry. Ensure reliable ingestion of logs from both structured and unstructured sources into Elasticsearch. Syslog Configuration: Configure, manage rsyslog and configure centralised logging for network appliances, firewalls, and infrastructure … to ensure visibility and completeness of data collection. Linux Proficiency: Administer and troubleshoot Linux-based systems, with command-line fluency and scripting ability (e.g. Bash, Python) to support SIEM operations, log parsing, and agent deployment. Detection Engineering & Threat Rules: Develop and tune custom detection rules using ESQL, EQL, and Lucene syntax to identify malicious activity. Use MITRE ATT&CK … SOPs and client expectations. Client Engagement & Communication: Communicate technical information clearly and confidently to both internal stakeholders and external clients. Collaborate with multidisciplinary teams, report findings effectively, and represent security operations during client interactions and project reviews. Desirable Skills and Experience Prior experience in Defence, Government, or Critical National Infrastructure environments. Familiarity with security frameworks such as More ❯
Posted: